7691-testToMaster #2703

Merged
alexm merged 268 commits from 7691-testToMaster into master 2024-07-09 05:38:28 +00:00
10 changed files with 89 additions and 86 deletions
Showing only changes of commit 2d876fa1a2 - Show all commits

15
Jenkinsfile vendored
View File

@ -24,6 +24,7 @@ node {
FROM_GIT = env.JOB_NAME.startsWith('gitea/')
RUN_TESTS = !PROTECTED_BRANCH && FROM_GIT
RUN_BUILD = PROTECTED_BRANCH && FROM_GIT
// https://www.jenkins.io/doc/book/pipeline/jenkinsfile/#using-environment-variables
echo "NODE_NAME: ${env.NODE_NAME}"
echo "WORKSPACE: ${env.WORKSPACE}"
@ -203,19 +204,23 @@ pipeline {
sh 'npx myt push $NODE_ENV --force --commit'
}
}
stage('Docker') {
stage('Kubernetes') {
when {
expression { FROM_GIT }
}
environment {
DOCKER_HOST = "${env.SWARM_HOST}"
}
steps {
script {
def packageJson = readJSON file: 'package.json'
env.VERSION = packageJson.version
}
sh "docker stack deploy --with-registry-auth --compose-file docker-compose.yml ${env.STACK_NAME}"
withKubeConfig([
serverUrl: "$KUBERNETES_API",
credentialsId: 'kubernetes',
namespace: 'salix'
]) {
sh 'kubectl set image deployment/salix-back-$BRANCH_NAME salix-back-$BRANCH_NAME=$REGISTRY/salix-back:$VERSION'
sh 'kubectl set image deployment/salix-front-$BRANCH_NAME salix-front-$BRANCH_NAME=$REGISTRY/salix-front:$VERSION'
}
}
}
}

View File

@ -18,15 +18,10 @@ module.exports = Self => {
Self.renewToken = async function(ctx) {
const {accessToken: token} = ctx.req;
// Check if current token is valid
const {renewPeriod, courtesyTime} = await models.AccessTokenConfig.findOne({
fields: ['renewPeriod', 'courtesyTime']
const {courtesyTime} = await models.AccessTokenConfig.findOne({
fields: ['courtesyTime']
});
const now = Date.now();
const differenceMilliseconds = now - token.created;
const differenceSeconds = Math.floor(differenceMilliseconds / 1000);
const isNotExceeded = differenceSeconds < renewPeriod - courtesyTime;
const isNotExceeded = await Self.validateToken(ctx);
if (isNotExceeded)
return token;

View File

@ -0,0 +1,30 @@
const {models} = require('vn-loopback/server/server');
module.exports = Self => {
Self.remoteMethodCtx('validateToken', {
description: 'Validates the current logged user token',
accepts: [],
accessType: 'READ',
returns: {
type: 'Boolean',
root: true
},
http: {
path: `/validateToken`,
verb: 'GET'
}
});
Self.validateToken = async function(ctx) {
const {accessToken: token} = ctx.req;
// Check if current token is valid
const {renewPeriod, courtesyTime} = await models.AccessTokenConfig.findOne({
fields: ['renewPeriod', 'courtesyTime']
});
const now = Date.now();
const differenceMilliseconds = now - token.created;
const differenceSeconds = Math.floor(differenceMilliseconds / 1000);
const isNotExceeded = differenceSeconds < renewPeriod - courtesyTime;
return isNotExceeded;
};
};

View File

@ -15,6 +15,7 @@ module.exports = function(Self) {
require('../methods/vn-user/renew-token')(Self);
require('../methods/vn-user/share-token')(Self);
require('../methods/vn-user/update-user')(Self);
require('../methods/vn-user/validate-token')(Self);
Self.definition.settings.acls = Self.definition.settings.acls.filter(acl => acl.property !== 'create');

View File

@ -113,6 +113,13 @@
"principalId": "$everyone",
"permission": "ALLOW"
},
{
"property": "validateToken",
"accessType": "EXECUTE",
"principalType": "ROLE",
"principalId": "$authenticated",
"permission": "ALLOW"
},
{
"property": "privileges",
"accessType": "*",

View File

@ -4,62 +4,8 @@ services:
image: registry.verdnatura.es/salix-front:${VERSION:?}
build:
context: front
environment:
- TZ
- NODE_ENV
ports:
- 80
deploy:
replicas: 2
placement:
constraints:
- node.role == worker
resources:
limits:
memory: 1G
back:
image: registry.verdnatura.es/salix-back:${VERSION:?}
build:
context: .
dockerfile: back/Dockerfile
environment:
- TZ
- NODE_ENV
- DEBUG
ports:
- 3000
configs:
- source: datasources
target: /etc/salix/datasources.json
- source: datasources_local
target: /etc/salix/datasources.local.json
- source: print
target: /etc/salix/print.json
- source: print_local
target: /etc/salix/print.local.json
volumes:
- /mnt/appdata/pdfs:/var/lib/salix/pdfs
- /mnt/appdata/dms:/var/lib/salix/dms
- /mnt/appdata/image:/var/lib/salix/image
- /mnt/appdata/vn-access:/var/lib/salix/vn-access
deploy:
replicas: ${BACK_REPLICAS:?}
placement:
constraints:
- node.role == worker
resources:
limits:
memory: 8G
configs:
datasources:
external: true
name: salix_datasources
datasources_local:
external: true
name: salix-${BRANCH_NAME:?}_datasources
print:
external: true
name: salix_print
print_local:
external: true
name: salix-${BRANCH_NAME:?}_print

View File

@ -69,3 +69,4 @@ Send cau: Enviar cau
By sending this ticket, all the data related to the error, the section, the user, etc., are already sent.: Al enviar este cau ya se envían todos los datos relacionados con el error, la sección, el usuario, etc
ExplainReason: Explique el motivo por el que no deberia aparecer este fallo
You already have the mailAlias: Ya tienes este alias de correo
Error loading ACLs: Error al cargar los ACLs

View File

@ -7,16 +7,17 @@ import UserError from 'core/lib/user-error';
* @property {Boolean} loggedIn Whether the user is currently logged
*/
export default class Auth {
constructor($http, $q, $state, $transitions, $window, vnToken, vnModules, aclService) {
constructor($http, $q, vnApp, $translate, $state, $transitions, $window, vnToken, vnModules) {
Object.assign(this, {
$http,
$q,
vnApp,
$translate,
$state,
$transitions,
$window,
vnToken,
vnModules,
aclService,
loggedIn: false
});
}
@ -39,9 +40,26 @@ export default class Auth {
};
if (this.vnToken.token) {
return this.loadAcls()
const loadWithRetry = () => {
return this.validateToken()
.then(() => true)
.catch(redirectToLogin);
.catch(err => {
switch (err.status) {
case 400:
case 401:
return redirectToLogin();
default:
return new Promise(resolve => {
setTimeout(() => {
this.vnApp.showMessage(this.$translate.instant('Loading...'));
resolve(loadWithRetry());
}, 2000);
});
}
});
};
return loadWithRetry();
} else
return redirectToLogin();
});
@ -87,13 +105,11 @@ export default class Auth {
headers: {Authorization: json.data.token}
}).then(({data}) => {
this.vnToken.set(json.data.token, data.multimediaToken.id, now, json.data.ttl, remember);
this.loadAcls().then(() => {
let continueHash = this.$state.params.continue;
if (continueHash)
this.$window.location = continueHash;
else
this.$state.go('home');
});
}).catch(() => {});
}
@ -107,24 +123,25 @@ export default class Auth {
this.vnToken.unset();
this.loggedIn = false;
this.vnModules.reset();
this.aclService.reset();
this.vnModules.aclService.reset();
this.$state.go('login');
return promise;
}
loadAcls() {
return this.aclService.load()
validateToken() {
return this.$http.get('VnUsers/validateToken')
.then(() => {
this.loggedIn = true;
this.vnModules.reset();
})
.catch(err => {
this.vnToken.unset();
throw err;
});
}
}
Auth.$inject = ['$http', '$q', '$state', '$transitions', '$window', 'vnToken', 'vnModules', 'aclService'];
Auth.$inject = [
'$http', '$q', 'vnApp', '$translate', '$state',
'$transitions', '$window', 'vnToken', 'vnModules'];
ngModule.service('vnAuth', Auth);

View File

@ -12,7 +12,8 @@ function config($stateProvider, $urlRouterProvider) {
template: '<vn-layout></vn-layout>',
resolve: {
config: ['vnConfig', vnConfig => vnConfig.initialize()],
token: ['vnToken', vnToken => vnToken.fetchConfig()]
token: ['vnToken', vnToken => vnToken.fetchConfig()],
acl: ['aclService', aclService => aclService.load()]
}
})
.state('outLayout', {

View File

@ -1,6 +1,6 @@
{
"name": "salix-back",
"version": "24.24.0",
"version": "24.24.1",
"author": "Verdnatura Levante SL",
"description": "Salix backend",
"license": "GPL-3.0",